A vulnerability was found in TODDR Template::Plugin::HTML up to 3.102 on Perl and classified as problematic . This affects an unknown function of the component HTML Attribute Handler . The manipulation of the argument var results in HTML injection. This vulnerability is identified as CVE-2026-5090 . The attack can be executed remotely. There is not any exploit available. A patch should be applied to remediate this issue.